W3C home > Mailing lists > Public > www-ws-arch@w3.org > May 2002

RE: D-AR006.9 - "baseline for trust models"

From: Ahmed, Zahid <zahid.ahmed@commerceone.com>
Date: Thu, 2 May 2002 14:35:19 -0700
Message-ID: <C1E0143CD365A445A4417083BF6F42CC02F89092@C1plenaexm07.commerceone.com>
To: www-ws-arch@w3.org
The scope of "trust models" problem should include:

1) Management of trusted CA roots that may be embedded or
accessible in web services applications and client 
devices.
2) Exchange of authorization data, e.g., signed or 
trusted assertions.

W.r.t. #1, there is the X-TASS/XKMS specification:
	http://www.xmltrustcenter.org/research/docs/Xtass.pdf
	http://www.xmltrustcenter.org/xkms/docs/XKMS_1.1.pdf

W.r.t. #2, there is the OASIS SAML v. 1.0 specification 
and possibly posisbly the WS-Security spec:
	http://www.oasis-open.org/committees/security/



Zahid Ahmed


-----Original Message-----
From: David Booth [mailto:dbooth@w3.org]
Sent: Thursday, May 02, 2002 12:40 PM
To: www-ws-arch@w3.org
Subject: D-AR006.9 - "baseline for trust models"



>"D-AR006.9 The security framework document SHOULD recommend a baseline for 
>trust models."

I think this needs clarification.  I don't know what "a baseline for trust 
models" means.


-- 
David Booth
W3C Fellow / Hewlett-Packard
Telephone: +1.617.253.1273
Received on Thursday, 2 May 2002 17:35:31 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:24:59 GMT